6.3
CVE-2013-6688
- EPSS 0.39%
- Veröffentlicht 18.11.2013 03:55:06
- Zuletzt bearbeitet 11.04.2025 00:51:21
- Quelle psirt@cisco.com
- Teams Watchlist Login
- Unerledigt Login
Directory traversal vulnerability in the license-upload interface in the Enterprise License Manager (ELM) component in Cisco Unified Communications Manager 9.1(1) and earlier allows remote authenticated users to create arbitrary files via a crafted path, aka Bug ID CSCui58222.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Cisco ≫ Unified Communications Manager Version <= 9.1\(1\)
Cisco ≫ Unified Communications Manager Version4.2
Cisco ≫ Unified Communications Manager Version4.2.1
Cisco ≫ Unified Communications Manager Version4.2.2
Cisco ≫ Unified Communications Manager Version4.2.3
Cisco ≫ Unified Communications Manager Version4.2.3sr1
Cisco ≫ Unified Communications Manager Version4.2.3sr2
Cisco ≫ Unified Communications Manager Version4.2.3sr2b
Cisco ≫ Unified Communications Manager Version4.3
Cisco ≫ Unified Communications Manager Version5.0
Cisco ≫ Unified Communications Manager Version5.1
Cisco ≫ Unified Communications Manager Version5.1.2
Cisco ≫ Unified Communications Manager Version6.0
Cisco ≫ Unified Communications Manager Version8.0
Cisco ≫ Unified Communications Manager Version8.5
Cisco ≫ Unified Communications Manager Version8.6
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.39% | 0.59 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.3 | 6.8 | 6.9 |
AV:N/AC:M/Au:S/C:N/I:C/A:N
|
CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.